I offer security consulting services in the areas of Penetration Testing, Ethical Hacking, Vulnerability Assessments, and Security Code and Configuration Reviews.

Ebay Xssed

I found an XSS in eBay and now I am sharing the PoC...

PoC: www.ebay.com/rpp/fashionvault/athletic-shoes-for-him-and-her/



Google Bug Hunting

Today, I am sharing my Google findings, which gave me a great experience.

First,
XSS in html5rocks.com, a Google-acquired site.

PoC: http://www.html5rocks.com/en/tutorials/#




Second,
Bug in http://rightsflow.com/




I entered a username and password. The username field was all correct, but in the password field the password was showing and the field was not marked as password type.



The password field was set to text type by default.

Etsy Bug Bounty Program

Recently I participated in the Etsy Bug Bounty Program and, after working for a long time, had success; now I'm in the Etsy Hall of Fame for reporting vulnerabilities to them:



http://www.etsy.com/help/article/2463




Facebook WhiteHat Program

Facebook has its own Bug Bounty Program, so I moved on to Facebook, hoping to find a bug and get a bounty. I started and kept trying to find something as soon as I could. During this time I found some bugs and reported them to Facebook. All of the bugs were rejected by Facebook. I lost hope, but I still had something in my heart, and within a short period I found an interesting bug with a little more hard work.

This time Facebook accepted my bug and rewarded me with $500.


After a few weeks my name was updated in the Facebook WhiteHat List:



The $500 was my first bounty. Now my confidence was built up and I worked harder, and I found another bug in Facebook, an HTML injection, and they rewarded me for this bug with $1000.



Twitter - White Hat Program

A long time ago, I found a bug in the Twitter-acquired site https://bagcheck.com/, reported it to Twitter, and they confirmed the issue. After some months Twitter asked me for my preferred name for the Twitter White Hat List and added me to their White Hat List.

https://about.twitter.com/company/security




Dell Xssed

Today, I want to show you one of my findings in the Dell website.

SonicWall, originally a private company headquartered in San Jose, California, and now owned by Dell, sells a range of Internet appliances primarily directed at content control and network security.





Response:





The issue has now been fixed.


